I am looking up my Trusted Credentials in Android under System and I see a huge list of stuff, some of which is in foreign languages.
How can I tell if these certificates are legit, or if they are the result of malware?
These are Root Certification Authorities used to validate digital certificates. If your Android device is not rooted there is no way to install Root CAs in the System domain and hence you should be safe. If you look at the Root CA store of your computer you will also see many Root CAs issued outside USA and using other languages than English.